CVE-2007-1526

3 documents3 sources

Severity

6.0MEDIUM

EPSS

0.2%

top 52.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java System WEB Server

Timeline

PublishedMar 20

Latest updateMay 1

Description

Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for the admin server via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages1 packages

▶NVDsun/java_system_web_server6.1

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-5j68-rq83-rv67: Sun Java System Web Server 6↗2022-05-01

▶

CVEList

CVE-2007-1526: Sun Java System Web Server 6↗2007-03-20

▶